• About us
  • Disclaimer
  • Privacy Policy
Sunday, August 14, 2022
  • Login
  • Register
W-SE (Web - SEcurity)
  • Tech today
  • Security
    • Malware
    • Top list
  • Vulnerabilities
  • How To?
    • All
    • gaming
    • Smart phone
    • smart tv
    • software
    Tips for Buying the Perfect Travel Sim Card

    Tips for Buying the Perfect Travel Sim Card

    How to Write Farewell and Appreciate Messages

    How to Write Farewell and Appreciate Messages?

    Software help business

    Reasons to Buy the Right Business Hardware

    How to Invest in NFT Art?

    Ideal Internet Speed for Online Gaming

    Ideal Internet Speed for Online Gaming

    AceThinker Online Video Editor and Pro

    AceThinker Online Video Editor and Pro

    Trending Tags

    • Web Security
    • Data Security
    • Network Security
    • Cybersecurity
  • About us
  • Disclaimer
  • Privacy Policy
  • Contact
No Result
View All Result
  • Tech today
  • Security
    • Malware
    • Top list
  • Vulnerabilities
  • How To?
    • All
    • gaming
    • Smart phone
    • smart tv
    • software
    Tips for Buying the Perfect Travel Sim Card

    Tips for Buying the Perfect Travel Sim Card

    How to Write Farewell and Appreciate Messages

    How to Write Farewell and Appreciate Messages?

    Software help business

    Reasons to Buy the Right Business Hardware

    How to Invest in NFT Art?

    Ideal Internet Speed for Online Gaming

    Ideal Internet Speed for Online Gaming

    AceThinker Online Video Editor and Pro

    AceThinker Online Video Editor and Pro

    Trending Tags

    • Web Security
    • Data Security
    • Network Security
    • Cybersecurity
  • About us
  • Disclaimer
  • Privacy Policy
  • Contact
No Result
View All Result
W-SE (Web - SEcurity)
No Result
View All Result
Home Security

Plundervolt Attack Uses Intel Chip Voltage to Steal Data

Melina Richardson by Melina Richardson
in Security, Vulnerabilities
A A

A recently reported attack targeting Intel processors uses CPU voltage changes to reveal data stored with Intel Software Guard Extensions (SGX).

A group of researchers from University of Birmingham, UK; Graz University of Technology, Austria; and the imec-DistriNet Research Group of KU Leuven, Belgium, discovered the attack, known as the “Plundervolt” and followed as the “CVE-2019-1157” and initially reported to Intel six months ago.

The chip maker has already released firmware updates to fix the flaw and says that it doesn’t know the bug is being used in live attacks. Nonetheless, all users can download security updates.

“Once SGX is activated on a device, the privileged user may be capable of attacking the privacy and credibility of the computer resources by manipulating the CPU voltage settings. Intel has built a microcode update with device vendors to alleviate the problem by locking voltage to default settings, “Intel explains.

Security researchers demonstrate in a whitepaper that the attack is possible because the CPU frequency and voltage are designed to work as a pair based on the current load. This would lead to errors if the voltage is changed when the processor runs at a specific frequency.

An adversary who already has high privileges on a system uses special software as part of the Plundervolt attack to abuse the Intel Core voltage scaling interface and corrupt the integrity of SGX enclave calculations.

Through inserting predictable errors in the processor package during enclave computations, scientists have been able to retrieve keys from cryptographic algorithms and even trigger memorandum-free enclave code vulnerabilities.

Modern processors, according to the authors, bring specific optimizations to ensure low energy consumption. The clock frequency and supply voltage are therefore kept to a minimum and scaled only if necessary. Moreover, only the privileged device code is exposed to dynamic voltage and frequency scaling functions.

What the researchers discovered was that the computation could cause faulty multiplications in a SGX enclave. Next, the researchers have shown that they can subvert real uses and leak secrets from enclaves.

The scientists were able to apply the technique to insert errors into the main derivative instructions at the hardware level of Intel SGX that could allow details about the key long-term material of the processor to be revealed, although it should not be subject to code.

Plundervolt can also be exploited in particular situations, as the compilers frequently rely on accurate multiplication results for pointer arithmetic and the storage allocation sizes, to cause memory safety misconduct.

“Our current findings show that the Plundervolt attack affects all Intel Core processors SGX-enabled from Skylake onward. The researchers, who have published video demonstrations on the attack as well, have also experimentally confirmed the existence of the undervolting interface for pre-SGX Intel Core processors.

Intel confirmed that the vulnerability affects families Intel 6th, 7th, 8th, 9th and 10th generation core processors and Intel Xeon Processor E3 v5 and V6 and the E-2100 and E-2200 Intel Xeon Processor and published a large list of products affected.

Intel recommends that users of the above mentioned Intel Processors update their system manufacturer’s latest version of BIOS which addresses these issues,’ the chip maker notes.

ShareTweetShare
Previous Post

Apps such as Slack And Dropbox are vulnerable to attack at the moment?

Next Post

Damages from Malware

Melina Richardson

Melina Richardson

Melina Richardson is a Cyber Security Enthusiast, Security Blogger, Technical Editor, Certified Ethical Hacker, Author at Cybers Guards & w-se. Previously, he worked as a security news reporter.

Next Post
Scareware

Damages from Malware

Please login to join discussion

Free Online Tools

Article Rewriter Pro
Grammar Checker Pro
Plagiarism Checker
Online Ping Website Tool
Website Screenshot Generator
Website Source Code Finder

Free A To Z IT Tools Online

Free IT Tools Online
  • Trending
  • Comments
  • Latest
inurl technology

Latest Carding Dorks List for Sql Injection 2022

March 16, 2022
connect monitor to laptop two screens

How To Connect A Monitor To A Laptop And Use Both Screens?

February 10, 2021
how to connect two monitors to my laptop

How Do I Connect 2 Monitors To My Lenovo Laptop?

January 22, 2021
Gb Whatsapp An Unexpected Error

Gb Whatsapp An Unexpected Error

November 7, 2021
Windows Flaw

If Older Battleye software is used, Windows 10 1903 Blocked

0
Mac Os

New unpatched macOS bypass gatekeeper published online

0
Siemens Medical Products

Wormable Windows Flaw Affected Siemens Medical Products

0
Cloud Computing

5 Tips of the Personal Data Protection in the Cloud

0
Tips for Buying the Perfect Travel Sim Card

Tips for Buying the Perfect Travel Sim Card

August 5, 2022
How to Write Farewell and Appreciate Messages

How to Write Farewell and Appreciate Messages?

August 5, 2022
Cyber Security Degree In Pennsylvania

Ways Block Chain Affect Web Security in 2022

August 5, 2022

10 Tips on How to Improve your Software Development Skills

July 19, 2022

Quick Links

Learnopedia
Tech Write For US
Technology Write For US
Casino Write For Us
Mr.Perfect Reviews
Cyber Security Career

Recent News

Tips for Buying the Perfect Travel Sim Card

Tips for Buying the Perfect Travel Sim Card

August 5, 2022
How to Write Farewell and Appreciate Messages

How to Write Farewell and Appreciate Messages?

August 5, 2022
Cyber Security Degree In Pennsylvania

Ways Block Chain Affect Web Security in 2022

August 5, 2022

10 Tips on How to Improve your Software Development Skills

July 19, 2022
W-SE (Web – SEcurity)

W-SE regularly updates cyber attacks, hacking and events that provide IT security professionals with information throughout the world. Also offering news in W-SE. We spent two years living and sharing guidance and insights with IT experts, detailed analyzes and news.

We also train people with product reviews in different form of content.

Browse by Category

  • computer
  • Fraud & Identity
  • gaming
  • How To?
  • laptop
  • Malware
  • Microsoft
  • Mobile
  • photography
  • Privacy
  • Reviews
  • Security
  • Security Degree
  • Smart phone
  • smart tv
  • Social
  • software
  • Tech
  • Tech today
  • Top list
  • Uncategorized
  • Virus & Threats
  • Vulnerabilities
  • Website
  • What is?

Recent News

Tips for Buying the Perfect Travel Sim Card

Tips for Buying the Perfect Travel Sim Card

August 5, 2022
How to Write Farewell and Appreciate Messages

How to Write Farewell and Appreciate Messages?

August 5, 2022
  • About us
  • Contact
  • Disclaimer
  • Home
  • Privacy Policy
  • Resources
  • Support Forum
  • Tech Blog
  • Technology Write For Us
  • W-SE (Web Security)

© 2020 w-se.com - Powered by Fix Hacked Website, Cyber Special , SSL Authority Reviews Powered by Mr.Perfect Reviews.

No Result
View All Result
  • Tech today
  • Security
    • Malware
    • Top list
  • Vulnerabilities
  • How To?
  • About us
  • Disclaimer
  • Privacy Policy
  • Contact

© 2020 w-se.com - Powered by Fix Hacked Website, Cyber Special , SSL Authority Reviews Powered by Mr.Perfect Reviews.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In